Posts

Showing posts from July, 2018

Five Design Principles for the Network Architect - Security

(#4 of 7)
To continue the series, this post talks at a high level about principles you should consider when you're looking at the security aspects of your network design.  Be aware I am not a cyber security guy.  But I do know what security elements you should consider when you build a network design, so this is what I'm discussing herein.  If you want more on cyber security, you could find a lot worse starting point than fellow #CiscoChampion Zoë Rose's blog https://www.zoërose.com or follow her on Twitter @5683Monkey.

[Disclosure: Zoë proof read this post for me to help keep me honest - thank you!]
As every security course ever taught points out, there are three fundamental goals of any security design:
Confidentiality - ensuring that data is not accessible by parties from whom it should be hidden.  Most network security mechanisms are concerned with this in some way - including access control; network segmentation; policy definition and enforcement; and encryption where…